xref: /titanic_50/usr/src/cmd/ldap/common/ldaptest.c (revision 2983dda76a6d296fdb560c88114fe41caad1b84f)
1 /*
2  *
3  * Portions Copyright 1998 Sun Microsystems, Inc.  All rights reserved.
4  * Use is subject to license terms.
5  *
6  */
7 
8 #pragma ident	"%Z%%M%	%I%	%E% SMI"
9 
10 #include <stdio.h>
11 #include <ctype.h>
12 #include <string.h>
13 #include <sys/types.h>
14 #include <sys/socket.h>
15 #include <sys/time.h>
16 #include <sys/stat.h>
17 #include <sys/file.h>
18 #include <fcntl.h>
19 #include <unistd.h>
20 
21 #include "lber.h"
22 #include "ldap.h"
23 
24 #define MOD_USE_BVALS
25 
26 #ifdef NEEDPROTOS
27 static void handle_result( LDAP *ld, LDAPMessage *lm );
28 static void print_ldap_result( LDAP *ld, LDAPMessage *lm, char *s );
29 static void print_search_entry( LDAP *ld, LDAPMessage *res );
30 static void free_list( char **list );
31 #else
32 static void handle_result();
33 static void print_ldap_result();
34 static void print_search_entry();
35 static void free_list();
36 #endif /* NEEDPROTOS */
37 
38 #define NOCACHEERRMSG	"don't compile with -DNO_CACHE if you desire local caching"
39 
40 char *dnsuffix;
41 
42 static char *
43 getline( char *line, int len, FILE *fp, char *prompt )
44 {
45 	printf(prompt);
46 
47 	if ( fgets( line, len, fp ) == NULL )
48 		return( NULL );
49 
50 	line[ strlen( line ) - 1 ] = '\0';
51 
52 	return( line );
53 }
54 
55 static char **
56 get_list( char *prompt )
57 {
58 	static char	buf[256];
59 	int		num;
60 	char		**result;
61 
62 	num = 0;
63 	result = (char **) 0;
64 	while ( 1 ) {
65 		getline( buf, sizeof(buf), stdin, prompt );
66 
67 		if ( *buf == '\0' )
68 			break;
69 
70 		if ( result == (char **) 0 )
71 			result = (char **) malloc( sizeof(char *) );
72 		else
73 			result = (char **) realloc( result,
74 			    sizeof(char *) * (num + 1) );
75 
76 		result[num++] = (char *) strdup( buf );
77 	}
78 	if ( result == (char **) 0 )
79 		return( NULL );
80 	result = (char **) realloc( result, sizeof(char *) * (num + 1) );
81 	result[num] = NULL;
82 
83 	return( result );
84 }
85 
86 
87 static void
88 free_list( char **list )
89 {
90 	int	i;
91 
92 	if ( list != NULL ) {
93 		for ( i = 0; list[ i ] != NULL; ++i ) {
94 			free( list[ i ] );
95 		}
96 		free( (char *)list );
97 	}
98 }
99 
100 
101 #ifdef MOD_USE_BVALS
102 static int
103 file_read( char *path, struct berval *bv )
104 {
105 	FILE		*fp;
106 	long		rlen;
107 	int		eof;
108 
109 	if (( fp = fopen( path, "r" )) == NULL ) {
110 	    	perror( path );
111 		return( -1 );
112 	}
113 
114 	if ( fseek( fp, 0L, SEEK_END ) != 0 ) {
115 		perror( path );
116 		fclose( fp );
117 		return( -1 );
118 	}
119 
120 	bv->bv_len = ftell( fp );
121 
122 	if (( bv->bv_val = (char *)malloc( bv->bv_len )) == NULL ) {
123 		perror( "malloc" );
124 		fclose( fp );
125 		return( -1 );
126 	}
127 
128 	if ( fseek( fp, 0L, SEEK_SET ) != 0 ) {
129 		perror( path );
130 		fclose( fp );
131 		return( -1 );
132 	}
133 
134 	rlen = fread( bv->bv_val, 1, bv->bv_len, fp );
135 	eof = feof( fp );
136 	fclose( fp );
137 
138 	if ( rlen != bv->bv_len ) {
139 		perror( path );
140 		free( bv->bv_val );
141 		return( -1 );
142 	}
143 
144 	return( bv->bv_len );
145 }
146 #endif /* MOD_USE_BVALS */
147 
148 
149 static LDAPMod **
150 get_modlist( char *prompt1, char *prompt2, char *prompt3 )
151 {
152 	static char	buf[256];
153 	int		num;
154 	LDAPMod		tmp;
155 	LDAPMod		**result;
156 #ifdef MOD_USE_BVALS
157 	struct berval	**bvals;
158 #endif /* MOD_USE_BVALS */
159 
160 	num = 0;
161 	result = NULL;
162 	while ( 1 ) {
163 		if ( prompt1 ) {
164 			getline( buf, sizeof(buf), stdin, prompt1 );
165 			tmp.mod_op = atoi( buf );
166 
167 			if ( tmp.mod_op == -1 || buf[0] == '\0' )
168 				break;
169 		}
170 
171 		getline( buf, sizeof(buf), stdin, prompt2 );
172 		if ( buf[0] == '\0' )
173 			break;
174 		tmp.mod_type = strdup( buf );
175 
176 		tmp.mod_values = get_list( prompt3 );
177 #ifdef MOD_USE_BVALS
178 		if ( tmp.mod_values != NULL ) {
179 			int	i;
180 
181 			for ( i = 0; tmp.mod_values[i] != NULL; ++i )
182 				;
183 			bvals = (struct berval **)calloc( i + 1,
184 			    sizeof( struct berval *));
185 			for ( i = 0; tmp.mod_values[i] != NULL; ++i ) {
186 				bvals[i] = (struct berval *)malloc(
187 				    sizeof( struct berval ));
188 				if ( strncmp( tmp.mod_values[i], "{FILE}",
189 				    6 ) == 0 ) {
190 					if ( file_read( tmp.mod_values[i] + 6,
191 					    bvals[i] ) < 0 ) {
192 						return( NULL );
193 					}
194 				} else {
195 					bvals[i]->bv_val = tmp.mod_values[i];
196 					bvals[i]->bv_len =
197 					    strlen( tmp.mod_values[i] );
198 				}
199 			}
200 			tmp.mod_bvalues = bvals;
201 			tmp.mod_op |= LDAP_MOD_BVALUES;
202 		}
203 #endif /* MOD_USE_BVALS */
204 
205 		if ( result == NULL )
206 			result = (LDAPMod **) malloc( sizeof(LDAPMod *) );
207 		else
208 			result = (LDAPMod **) realloc( result,
209 			    sizeof(LDAPMod *) * (num + 1) );
210 
211 		result[num] = (LDAPMod *) malloc( sizeof(LDAPMod) );
212 		*(result[num]) = tmp;	/* struct copy */
213 		num++;
214 	}
215 	if ( result == NULL )
216 		return( NULL );
217 	result = (LDAPMod **) realloc( result, sizeof(LDAPMod *) * (num + 1) );
218 	result[num] = NULL;
219 
220 	return( result );
221 }
222 
223 
224 int
225 bind_prompt( LDAP *ld, char **dnp, char **passwdp, int *authmethodp,
226 	int freeit )
227 {
228 	static char	dn[256], passwd[256];
229 
230 	if ( !freeit ) {
231 #ifdef KERBEROS
232 		getline( dn, sizeof(dn), stdin,
233 		    "re-bind method (0->simple, 1->krbv41, 2->krbv42, 3->krbv41&2)? " );
234 		if (( *authmethodp = atoi( dn )) == 3 ) {
235 			*authmethodp = LDAP_AUTH_KRBV4;
236 		} else {
237 			*authmethodp |= 0x80;
238 		}
239 #else /* KERBEROS */
240 		*authmethodp = LDAP_AUTH_SIMPLE;
241 #endif /* KERBEROS */
242 
243 		getline( dn, sizeof(dn), stdin, "re-bind dn? " );
244 		strcat( dn, dnsuffix );
245 		*dnp = dn;
246 
247 		if ( *authmethodp == LDAP_AUTH_SIMPLE && dn[0] != '\0' ) {
248 			getline( passwd, sizeof(passwd), stdin,
249 			    "re-bind password? " );
250 		} else {
251 			passwd[0] = '\0';
252 		}
253 		*passwdp = passwd;
254 	}
255 
256 	return( LDAP_SUCCESS );
257 }
258 
259 
260 int
261 main(int argc, char **argv )
262 {
263 	LDAP	*ld;
264 	int		i, c, port, cldapflg, errflg, method, id,
265 		msgtype, delrdn, theInt, sizelimit, err;
266 	char	line[256], command1, command2, command3;
267 	char	passwd[64], dn[256], rdn[64], attr[64], value[256];
268 	char	filter[256], *host, **types;
269 	char 	*mechanism;
270 
271 	char	**exdn;
272 	char	*usage = "usage: %s [-u] [-h host] [-d level] [-s dnsuffix] [-p port] [-t file] [-T file]\n";
273 	int		bound, all, scope, attrsonly;
274 	LDAPMessage	*res;
275 	LDAPMod	**mods, **attrs;
276 	struct timeval	timeout, timelimit;
277 	char	*copyfname = NULL;
278 	int		copyoptions = 0, resultusetimelimit = 0;
279 	LDAPURLDesc	*ludp;
280 	struct berval bv, cred, *srvcrds = NULL;
281 	extern char	*optarg;
282 	extern int	optind;
283 	LDAPControl *ctrls[2];
284 	LDAPControl aCtrl;
285 
286 
287 #ifdef MACOS
288 	if (( argv = get_list( "cmd line arg?" )) == NULL ) {
289 		exit( 1 );
290 	}
291 	for ( argc = 0; argv[ argc ] != NULL; ++argc ) {
292 		;
293 	}
294 #endif /* MACOS */
295 
296 	host = NULL;
297 	port = LDAP_PORT;
298 	dnsuffix = "";
299 	cldapflg = errflg = 0;
300 	ctrls[0] = &aCtrl;
301 	ctrls[1] = NULL;
302 
303 	while (( c = getopt( argc, argv, "uh:d:s:p:t:T:" )) != -1 ) {
304 		switch( c ) {
305 		case 'u':
306 #ifdef CLDAP
307 			cldapflg++;
308 #else /* CLDAP */
309 			printf( "Compile with -DCLDAP for UDP support\n" );
310 #endif /* CLDAP */
311 			break;
312 
313 		case 'd':
314 #ifdef LDAP_DEBUG
315 			ldap_debug = atoi( optarg );
316 			if ( ldap_debug & LDAP_DEBUG_PACKETS ) {
317 				lber_debug = ldap_debug;
318 			}
319 #else
320 			printf( "Compile with -DLDAP_DEBUG for debugging\n" );
321 #endif
322 			break;
323 
324 		case 'h':
325 			host = optarg;
326 			break;
327 
328 		case 's':
329 			dnsuffix = optarg;
330 			break;
331 
332 		case 'p':
333 			port = atoi( optarg );
334 			break;
335 
336 #if !defined(MACOS) && !defined(DOS)
337 		case 't':	/* copy ber's to given file */
338 			copyfname = strdup( optarg );
339 			copyoptions = LBER_TO_FILE;
340 			break;
341 
342 		case 'T':	/* only output ber's to given file */
343 			copyfname = strdup( optarg );
344 			copyoptions = (LBER_TO_FILE | LBER_TO_FILE_ONLY);
345 			break;
346 #endif
347 
348 		default:
349 		    ++errflg;
350 		}
351 	}
352 
353 	if ( host == NULL && optind == argc - 1 ) {
354 		host = argv[ optind ];
355 		++optind;
356 	}
357 
358 	if ( errflg || optind < argc - 1 ) {
359 		fprintf( stderr, usage, argv[ 0 ] );
360 		exit( 1 );
361 	}
362 
363 	printf( "%s( %s, %d )\n", cldapflg ? "cldap_open" : "ldap_init",
364 		host == NULL ? "(null)" : host, port );
365 
366 	if ( cldapflg ) {
367 #ifdef CLDAP
368 		ld = cldap_open( host, port );
369 #endif /* CLDAP */
370 	} else {
371 		ld = ldap_init( host, port );
372 	}
373 
374 	if ( ld == NULL ) {
375 		perror( "ldap_init" );
376 		exit(1);
377 	}
378 
379 #if !defined(MACOS) && !defined(DOS)
380 	if ( copyfname != NULL ) {
381 		if ( (ld->ld_sb.sb_fd = open( copyfname, O_WRONLY | O_CREAT,
382 		    0600 ))  == -1 ) {
383 			perror( copyfname );
384 			exit ( 1 );
385 		}
386 		ld->ld_sb.sb_options = copyoptions;
387 	}
388 #endif
389 
390 	bound = 0;
391 	timeout.tv_sec = 0;
392 	timeout.tv_usec = 0;
393 	timelimit.tv_sec = 0;
394 	timelimit.tv_usec = 0;
395 
396 	(void) memset( line, '\0', sizeof(line) );
397 	while ( getline( line, sizeof(line), stdin, "\ncommand? " ) != NULL ) {
398 		command1 = line[0];
399 		command2 = line[1];
400 		command3 = line[2];
401 
402 		switch ( command1 ) {
403 		case 'a':	/* add or abandon */
404 			switch ( command2 ) {
405 			case 'd':	/* add */
406 				getline( dn, sizeof(dn), stdin, "dn? " );
407 				strcat( dn, dnsuffix );
408 				if ( (attrs = get_modlist( NULL, "attr? ",
409 				    "value? " )) == NULL )
410 					break;
411 				if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &i) == LDAP_SUCCESS && i == LDAP_VERSION3){
412 					if ((err = ldap_add_ext( ld, dn, attrs, NULL, NULL, &id )) != LDAP_SUCCESS )
413 						printf( "Error in ldap_add_ext: %s\n", ldap_err2string(err) );
414 					else
415 						printf( "Add initiated with id %d\n", id );
416 				}
417 				else {
418 					if ( (id = ldap_add( ld, dn, attrs )) == -1 )
419 						ldap_perror( ld, "ldap_add" );
420 					else
421 						printf( "Add initiated with id %d\n", id );
422 				}
423 
424 				break;
425 
426 			case 'b':	/* abandon */
427 				getline( line, sizeof(line), stdin, "msgid? " );
428 				id = atoi( line );
429 				if ( ldap_abandon( ld, id ) != 0 )
430 					ldap_perror( ld, "ldap_abandon" );
431 				else
432 					printf( "Abandon successful\n" );
433 				break;
434 			default:
435 				printf( "Possibilities: [ad]d, [ab]ort\n" );
436 			}
437 			break;
438 
439 		case 'b':	/* asynch bind */
440 #ifdef KERBEROS
441 			getline( line, sizeof(line), stdin,
442 			    "method (0->simple, 1->krbv41, 2->krbv42)? " );
443 			method = atoi( line ) | 0x80;
444 #else /* KERBEROS */
445 			method = LDAP_AUTH_SIMPLE;
446 #endif /* KERBEROS */
447 			getline( dn, sizeof(dn), stdin, "dn? " );
448 			strcat( dn, dnsuffix );
449 
450 			if ( method == LDAP_AUTH_SIMPLE && dn[0] != '\0' )
451 				getline( passwd, sizeof(passwd), stdin,
452 				    "password? " );
453 			else
454 				passwd[0] = '\0';
455 
456 			if ( ldap_bind( ld, dn, passwd, method ) == -1 ) {
457 				fprintf( stderr, "ldap_bind failed\n" );
458 				ldap_perror( ld, "ldap_bind" );
459 			} else {
460 				printf( "Bind initiated\n" );
461 				bound = 1;
462 			}
463 			break;
464 
465 		case 'B':	/* synch bind */
466 #ifdef KERBEROS
467 			getline( line, sizeof(line), stdin,
468 			    "method 0->simple 1->krbv41 2->krbv42 3->krb? " );
469 			method = atoi( line );
470 			if ( method == 3 )
471 				method = LDAP_AUTH_KRBV4;
472 			else
473 				method = method | 0x80;
474 #else /* KERBEROS */
475 			getline( line, sizeof(line), stdin,
476 					 "method 0->simple, 1->SASL? ");
477 			method = atoi (line);
478 			if (method == 1){
479 				method = LDAP_AUTH_SASL;
480 				getline( line, sizeof(line), stdin,
481 						 "mechanism 0->CRAM_MD5, 1->TLS? ");
482 				theInt = atoi(line);
483 				if (theInt == 0){
484 					mechanism = LDAP_SASL_CRAM_MD5;
485 				}
486 				else{
487 					mechanism = LDAP_SASL_X511_STRONG;
488 				}
489 			} else {
490 				method = LDAP_AUTH_SIMPLE;
491 			}
492 
493 #endif /* KERBEROS */
494 			getline( dn, sizeof(dn), stdin, "dn? " );
495 			strcat( dn, dnsuffix );
496 
497 			if ( dn[0] != '\0' )
498 				getline( passwd, sizeof(passwd), stdin,
499 				    "password? " );
500 			else
501 				passwd[0] = '\0';
502 
503 			if (method == LDAP_AUTH_SIMPLE) {
504 				if ( ldap_bind_s( ld, dn, passwd, method ) !=
505 					 LDAP_SUCCESS ) {
506 					fprintf( stderr, "ldap_bind_s failed\n" );
507 					ldap_perror( ld, "ldap_bind_s" );
508 				} else {
509 					printf( "Bind successful\n" );
510 					bound = 1;
511 				}
512 			} else {
513 				if (strcmp(mechanism, LDAP_SASL_CRAM_MD5) == 0){
514 					cred.bv_val = passwd;
515 					cred.bv_len = strlen(passwd);
516 
517 					if ( ldap_sasl_cram_md5_bind_s(ld, dn, &cred, NULL, NULL) != LDAP_SUCCESS ){
518 						fprintf( stderr, "ldap_sasl_cram_md5_bind_s failed\n" );
519 						ldap_perror( ld, "ldap_sasl_cram_md5_bind_s" );
520 					} else {
521 						printf ( "Bind successful\n");
522 						bound = 1;
523 					}
524 				} else {
525 					if (ldap_sasl_bind_s(ld, dn, mechanism, &cred, NULL, NULL, &srvcrds ) != LDAP_SUCCESS){
526 						fprintf( stderr, "ldap_sasl_bind_s failed\n" );
527 						ldap_perror( ld, "ldap_sasl_bind_s" );
528 					}
529 				}
530 			}
531 			break;
532 
533 		case 'c':	/* compare */
534 			getline( dn, sizeof(dn), stdin, "dn? " );
535 			strcat( dn, dnsuffix );
536 			getline( attr, sizeof(attr), stdin, "attr? " );
537 			getline( value, sizeof(value), stdin, "value? " );
538 
539 			if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &i) == LDAP_SUCCESS && i == LDAP_VERSION3){
540 				bv.bv_val = value;
541 				bv.bv_len = strlen(value);
542 				if ((err = ldap_compare_ext( ld, dn, attr, &bv, NULL, NULL, &id )) != LDAP_SUCCESS )
543 					printf( "Error in ldap_compare_ext: %s\n", ldap_err2string(err) );
544 				else
545 					printf( "Compare initiated with id %d\n", id );
546 			} else {
547 				if ( (id = ldap_compare( ld, dn, attr, value )) == -1 )
548 					ldap_perror( ld, "ldap_compare" );
549 				else
550 					printf( "Compare initiated with id %d\n", id );
551 			}
552 			break;
553 
554 		case 'd':	/* turn on debugging */
555 #ifdef LDAP_DEBUG
556 			getline( line, sizeof(line), stdin, "debug level? " );
557 			ldap_debug = atoi( line );
558 			if ( ldap_debug & LDAP_DEBUG_PACKETS ) {
559 				lber_debug = ldap_debug;
560 			}
561 #else
562 			printf( "Compile with -DLDAP_DEBUG for debugging\n" );
563 #endif
564 			break;
565 
566 		case 'E':	/* explode a dn */
567 			getline( line, sizeof(line), stdin, "dn? " );
568 			exdn = ldap_explode_dn( line, 0 );
569 			for ( i = 0; exdn != NULL && exdn[i] != NULL; i++ ) {
570 				printf( "\t%s\n", exdn[i] );
571 			}
572 			break;
573 
574 		case 'g':	/* set next msgid */
575 			getline( line, sizeof(line), stdin, "msgid? " );
576 			ld->ld_msgid = atoi( line );
577 			break;
578 
579 		case 'v':	/* set version number */
580 			getline( line, sizeof(line), stdin, "version? " );
581 			theInt = atoi(line);
582 			ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &theInt);
583 			break;
584 
585 		case 'm':	/* modify or modifyrdn */
586 			if ( strncmp( line, "modify", 4 ) == 0 ) {
587 				getline( dn, sizeof(dn), stdin, "dn? " );
588 				strcat( dn, dnsuffix );
589 				if ( (mods = get_modlist(
590 				    "mod (0=>add, 1=>delete, 2=>replace -1=>done)? ",
591 				    "attribute type? ", "attribute value? " ))
592 				    == NULL )
593 					break;
594 				if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &i) == LDAP_SUCCESS && i == LDAP_VERSION3){
595 					if ((err = ldap_modify_ext( ld, dn, mods, NULL, NULL, &id )) != LDAP_SUCCESS )
596 						printf( "Error in ldap_modify_ext: %s\n", ldap_err2string(err) );
597 					else
598 						printf( "Modify initiated with id %d\n", id );
599 				}
600 				else {
601 					if ( (id = ldap_modify( ld, dn, mods )) == -1 )
602 						ldap_perror( ld, "ldap_modify" );
603 					else
604 						printf( "Modify initiated with id %d\n", id );
605 				}
606 			} else if ( strncmp( line, "modrdn", 4 ) == 0 ) {
607 				getline( dn, sizeof(dn), stdin, "dn? " );
608 				strcat( dn, dnsuffix );
609 				getline( rdn, sizeof(rdn), stdin, "newrdn? " );
610 				getline( line, sizeof(line), stdin, "delete old rdn (0=>no, 1=>yes)?");
611 				delrdn = atoi(line);
612 				if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &i) == LDAP_SUCCESS && i == LDAP_VERSION3){
613 					if ((err = ldap_rename(ld, dn, rdn, NULL, delrdn, NULL,NULL, &id)) != LDAP_SUCCESS){
614 						printf( "Error in ldap_rename (modrdn): %s\n", ldap_err2string(err));
615 					}
616 					else
617 						printf( "Modrdn initiated with id %d\n", id );
618 				}
619 				else {
620 					if ( (id = ldap_modrdn( ld, dn, rdn, delrdn )) == -1 )
621 						ldap_perror( ld, "ldap_modrdn" );
622 					else
623 						printf( "Modrdn initiated with id %d\n", id );
624 				}
625 			} else {
626 				printf( "Possibilities: [modi]fy, [modr]dn\n" );
627 			}
628 			break;
629 
630 		case 'q':	/* quit */
631 #ifdef CLDAP
632 			if ( cldapflg )
633 				cldap_close( ld );
634 #endif /* CLDAP */
635 			if ( !cldapflg )
636 				ldap_unbind( ld );
637 			exit( 0 );
638 			break;
639 
640 		case 'r':	/* result or remove */
641 			switch ( command3 ) {
642 			case 's':	/* result */
643 				getline( line, sizeof(line), stdin,
644 				    "msgid (-1=>any)? " );
645 				if ( line[0] == '\0' )
646 					id = -1;
647 				else
648 					id = atoi( line );
649 				getline( line, sizeof(line), stdin,
650 				    "all (0=>any, 1=>all)? " );
651 				if ( line[0] == '\0' )
652 					all = 1;
653 				else
654 					all = atoi( line );
655 
656 				if (( msgtype = ldap_result( ld, id, all,
657 				    resultusetimelimit ? &timelimit : &timeout, &res )) < 1 ) {
658 					ldap_perror( ld, "ldap_result" );
659 					break;
660 				}
661 				printf( "\nresult: msgtype %d msgid %d\n",
662 				    msgtype, res->lm_msgid );
663 				handle_result( ld, res );
664 				if (all || msgtype == LDAP_RES_SEARCH_RESULT)
665 					resultusetimelimit = 0;
666 				res = NULLMSG;
667 				break;
668 
669 			case 'm':	/* remove */
670 				getline( dn, sizeof(dn), stdin, "dn? " );
671 				strcat( dn, dnsuffix );
672 				if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &i) == LDAP_SUCCESS && i == LDAP_VERSION3){
673 					if ((err = ldap_delete_ext( ld, dn, NULL, NULL, &id )) != LDAP_SUCCESS )
674 						printf( "Error in ldap_delete_ext: %s\n", ldap_err2string(err) );
675 					else
676 						printf( "Remove initiated with id %d\n", id );
677 				} else {
678 					if ( (id = ldap_delete( ld, dn )) == -1 )
679 						ldap_perror( ld, "ldap_delete" );
680 					else
681 						printf( "Remove initiated with id %d\n", id );
682 				}
683 				break;
684 
685 			default:
686 				printf( "Possibilities: [rem]ove, [res]ult\n" );
687 				break;
688 			}
689 			break;
690 
691 		case 's':	/* search */
692 			getline( dn, sizeof(dn), stdin, "searchbase? " );
693 			strcat( dn, dnsuffix );
694 			getline( line, sizeof(line), stdin,
695 			    "scope (0=Base, 1=One Level, 2=Subtree)? " );
696 			scope = atoi( line );
697 			getline( filter, sizeof(filter), stdin,
698 			    "search filter (e.g. sn=jones)? " );
699 			types = get_list( "attrs to return? " );
700 			getline( line, sizeof(line), stdin,
701 			    "attrsonly (0=attrs&values, 1=attrs only)? " );
702 			attrsonly = atoi( line );
703 
704 			if ( cldapflg ) {
705 #ifdef CLDAP
706 			    getline( line, sizeof(line), stdin,
707 				"Requestor DN (for logging)? " );
708 			    if ( cldap_search_s( ld, dn, scope, filter, types,
709 				    attrsonly, &res, line ) != 0 ) {
710 				ldap_perror( ld, "cldap_search_s" );
711 			    } else {
712 				printf( "\nresult: msgid %d\n",
713 				    res->lm_msgid );
714 				handle_result( ld, res );
715 				res = NULLMSG;
716 			    }
717 #endif /* CLDAP */
718 			} else {
719 				theInt = 0;
720 				if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &i) == LDAP_SUCCESS && i == LDAP_VERSION3){
721 					resultusetimelimit = 1;
722 					getline( line, sizeof(line), stdin,
723 							 "ldap_search_ext (0=>no, 1=>yes - default: yes)? " );
724 					if (line[0] == '\0')
725 						theInt = 1;
726 					else
727 						theInt = atoi( line );
728 				}
729 				if (theInt){
730 					getline(line, sizeof(line), stdin, "time limit?");
731 					timelimit.tv_sec = atoi(line);
732 					resultusetimelimit = 1;
733 					getline(line, sizeof(line), stdin, "size limit?");
734 					sizelimit = atoi(line);
735 					if (( err = ldap_search_ext(ld, dn, scope, filter, types, attrsonly, NULL, NULL,
736 												&timelimit, sizelimit, &id)) != LDAP_SUCCESS){
737 						printf( "Error in ldap_search_ext: %s\n", ldap_err2string(err));
738 					} else {
739 						printf( "Search initiated with id %d\n", id );
740 					}
741 				} else {
742 					if (( id = ldap_search( ld, dn, scope, filter,
743 											types, attrsonly  )) == -1 ) {
744 						ldap_perror( ld, "ldap_search" );
745 					} else {
746 						printf( "Search initiated with id %d\n", id );
747 					}
748 				}
749 			}
750 			free_list( types );
751 			break;
752 
753 		case 't':	/* set timeout value */
754 			getline( line, sizeof(line), stdin, "timeout? " );
755 			timeout.tv_sec = atoi( line );
756 			break;
757 
758 		case 'U':	/* set ufn search prefix */
759 			getline( line, sizeof(line), stdin, "ufn prefix? " );
760 			ldap_ufn_setprefix( ld, line );
761 			break;
762 
763 		case 'u':	/* user friendly search w/optional timeout */
764 			getline( dn, sizeof(dn), stdin, "ufn? " );
765 			strcat( dn, dnsuffix );
766 			types = get_list( "attrs to return? " );
767 			getline( line, sizeof(line), stdin,
768 			    "attrsonly (0=attrs&values, 1=attrs only)? " );
769 			attrsonly = atoi( line );
770 
771 			if ( command2 == 't' ) {
772 				id = ldap_ufn_search_c( ld, dn, types,
773 				    attrsonly, &res, ldap_ufn_timeout,
774 				    &timeout );
775 			} else {
776 				id = ldap_ufn_search_s( ld, dn, types,
777 				    attrsonly, &res );
778 			}
779 			if ( res == NULL )
780 				ldap_perror( ld, "ldap_ufn_search" );
781 			else {
782 				printf( "\nresult: err %d\n", id );
783 				handle_result( ld, res );
784 				res = NULLMSG;
785 			}
786 			free_list( types );
787 			break;
788 
789 		case 'l':	/* URL search */
790 			getline( line, sizeof(line), stdin,
791 			    "attrsonly (0=attrs&values, 1=attrs only)? " );
792 			attrsonly = atoi( line );
793 			getline( line, sizeof(line), stdin, "LDAP URL? " );
794 			if (( id = ldap_url_search( ld, line, attrsonly  ))
795 				== -1 ) {
796 			    ldap_perror( ld, "ldap_url_search" );
797 			} else {
798 			    printf( "URL search initiated with id %d\n", id );
799 			}
800 			break;
801 
802 		case 'p':	/* parse LDAP URL */
803 			getline( line, sizeof(line), stdin, "LDAP URL? " );
804 			if (( i = ldap_url_parse( line, &ludp )) != 0 ) {
805 			    fprintf( stderr, "ldap_url_parse: error %d\n", i );
806 			} else {
807 			    printf( "\t  host: " );
808 			    if ( ludp->lud_host == NULL ) {
809 				printf( "DEFAULT\n" );
810 			    } else {
811 				printf( "<%s>\n", ludp->lud_host );
812 			    }
813 			    printf( "\t  port: " );
814 			    if ( ludp->lud_port == 0 ) {
815 				printf( "DEFAULT\n" );
816 			    } else {
817 				printf( "%d\n", ludp->lud_port );
818 			    }
819 			    printf( "\t    dn: <%s>\n", ludp->lud_dn );
820 			    printf( "\t attrs:" );
821 			    if ( ludp->lud_attrs == NULL ) {
822 				printf( " ALL" );
823 			    } else {
824 				for ( i = 0; ludp->lud_attrs[ i ] != NULL; ++i ) {
825 				    printf( " <%s>", ludp->lud_attrs[ i ] );
826 				}
827 			    }
828 			    printf( "\n\t scope: %s\n", ludp->lud_scope == LDAP_SCOPE_UNKNOWN ? "DEFAULT (base)" :
829 						ludp->lud_scope == LDAP_SCOPE_ONELEVEL ? "ONE" :
830 						ludp->lud_scope == LDAP_SCOPE_BASE ? "BASE" :
831 						ludp->lud_scope == LDAP_SCOPE_SUBTREE ? "SUB" : "**invalid**" );
832 			    printf( "\tfilter: <%s>\n", ludp->lud_filter ? ludp->lud_filter : "NONE");
833 				if (ludp->lud_extensions){
834 					printf("\textensions: \n");
835 					for (i = 0; ludp->lud_extensions[i] != NULL; i++)
836 						printf("\t\t%s (%s)\n", ludp->lud_extensions[i]->lue_type,
837 							   ludp->lud_extensions[i]->lue_iscritical ? "Critical" : "Non critical");
838 				}
839 
840 			    ldap_free_urldesc( ludp );
841 			}
842 			    break;
843 
844 		case 'n':	/* set dn suffix, for convenience */
845 			getline( line, sizeof(line), stdin, "DN suffix? " );
846 			strcpy( dnsuffix, line );
847 			break;
848 
849 		case 'e':	/* enable cache */
850 #ifdef NO_CACHE
851 			printf( NOCACHEERRMSG );
852 #else /* NO_CACHE */
853 			getline( line, sizeof(line), stdin, "Cache timeout (secs)? " );
854 			i = atoi( line );
855 			getline( line, sizeof(line), stdin, "Maximum memory to use (bytes)? " );
856 			if ( ldap_enable_cache( ld, i, atoi( line )) == 0 ) {
857 				printf( "local cache is on\n" );
858 			} else {
859 				printf( "ldap_enable_cache failed\n" );
860 			}
861 #endif /* NO_CACHE */
862 			break;
863 
864 		case 'x':	/* uncache entry */
865 #ifdef NO_CACHE
866 			printf( NOCACHEERRMSG );
867 #else /* NO_CACHE */
868 			getline( line, sizeof(line), stdin, "DN? " );
869 			ldap_uncache_entry( ld, line );
870 #endif /* NO_CACHE */
871 			break;
872 
873 		case 'X':	/* uncache request */
874 #ifdef NO_CACHE
875 			printf( NOCACHEERRMSG );
876 #else /* NO_CACHE */
877 			getline( line, sizeof(line), stdin, "request msgid? " );
878 			ldap_uncache_request( ld, atoi( line ));
879 #endif /* NO_CACHE */
880 			break;
881 
882 		case 'o':	/* set ldap options */
883 			getline( line, sizeof(line), stdin, "alias deref (0=never, 1=searching, 2=finding, 3=always)?" );
884 			theInt = atoi(line);
885 			ldap_set_option(ld, LDAP_OPT_DEREF, &theInt );
886 			getline( line, sizeof(line), stdin, "timelimit?" );
887 			theInt = atoi(line);
888 			ldap_set_option(ld, LDAP_OPT_TIMELIMIT,  &theInt);
889 			getline( line, sizeof(line), stdin, "sizelimit?" );
890 			theInt = atoi(line);
891 			ldap_set_option(ld, LDAP_OPT_SIZELIMIT, &theInt);
892 
893 			ld->ld_options = 0;
894 
895 #ifdef STR_TRANSLATION
896 			getline( line, sizeof(line), stdin,
897 				"Automatic translation of T.61 strings (0=no, 1=yes)?" );
898 			if ( atoi( line ) == 0 ) {
899 				ld->ld_lberoptions &= ~LBER_TRANSLATE_STRINGS;
900 			} else {
901 				ld->ld_lberoptions |= LBER_TRANSLATE_STRINGS;
902 #ifdef LDAP_CHARSET_8859
903 				getline( line, sizeof(line), stdin,
904 					"Translate to/from ISO-8859 (0=no, 1=yes?" );
905 				if ( atoi( line ) != 0 ) {
906 					ldap_set_string_translators( ld,
907 					    ldap_8859_to_t61,
908 					    ldap_t61_to_8859 );
909 				}
910 #endif /* LDAP_CHARSET_8859 */
911 			}
912 #endif /* STR_TRANSLATION */
913 
914 #ifdef LDAP_DNS
915 			getline( line, sizeof(line), stdin,
916 				"Use DN & DNS to determine where to send requests (0=no, 1=yes)?" );
917 			if ( atoi( line ) != 0 ) {
918 				ld->ld_options |= LDAP_OPT_DNS;
919 			}
920 #endif /* LDAP_DNS */
921 
922 			getline( line, sizeof(line), stdin,
923 				"Recognize and chase referrals (0=no, 1=yes)?" );
924 			if ( atoi( line ) != 0 ) {
925 				theInt = LDAP_OPT_ON;
926 				getline( line, sizeof(line), stdin,
927 						 "Prompt for bind credentials when chasing referrals (0=no, 1=yes)?" );
928 				if ( atoi( line ) != 0 ) {
929 					ldap_set_option( ld, LDAP_OPT_REBIND_FN, bind_prompt );
930 				}
931 			} else {
932 				theInt = LDAP_OPT_OFF;
933 			}
934 			ldap_set_option(ld, LDAP_OPT_REFERRALS, &theInt);
935 			break;
936 
937 		case 'k': /* Set some controls */
938 			getline( line, sizeof(line), stdin,
939 					 "Set control: (0 for none, 1 for ManageDSA, 2 for preferredLang, 3 for BAD)?");
940 			theInt = atoi(line);
941 			switch (theInt){
942 			case 0:
943 				ldap_set_option(ld, LDAP_OPT_SERVER_CONTROLS, NULL);
944 				break;
945 			case 1:
946 				aCtrl.ldctl_oid = "2.16.840.1.113730.3.4.2";
947 				aCtrl.ldctl_iscritical = 1;
948 				aCtrl.ldctl_value = NULL;
949 				ldap_set_option(ld, LDAP_OPT_SERVER_CONTROLS, ctrls);
950 				break;
951 			case 2:
952 				getline( line, sizeof(line), stdin,
953 						 "Preferred Language Control : lang ?");
954 				aCtrl.ldctl_oid = "1.3.6.1.4.1.1466.20035";
955 				aCtrl.ldctl_iscritical = 1;
956 				bv.bv_val = strdup(line);
957 				bv.bv_len = strlen(line);
958 				aCtrl.ldctl_value = &bv;
959 				ldap_set_option(ld, LDAP_OPT_SERVER_CONTROLS, ctrls);
960 				break;
961 			default:
962 				getline( line, sizeof(line), stdin,
963 						 "Bad Control is critical (0=false, 1=true)?");
964 				aCtrl.ldctl_oid = "1.1.1.1.1.1";
965 				aCtrl.ldctl_iscritical = atoi(line);
966 				aCtrl.ldctl_value = NULL;
967 				ldap_set_option(ld, LDAP_OPT_SERVER_CONTROLS, ctrls);
968 				break;
969 			}
970 			break;
971 
972 		case 'O':	/* set cache options */
973 #ifdef NO_CACHE
974 			printf( NOCACHEERRMSG );
975 #else /* NO_CACHE */
976 			getline( line, sizeof(line), stdin, "cache errors (0=smart, 1=never, 2=always)?" );
977 			switch( atoi( line )) {
978 			case 0:
979 				ldap_set_cache_options( ld, 0 );
980 				break;
981 			case 1:
982 				ldap_set_cache_options( ld,
983 					LDAP_CACHE_OPT_CACHENOERRS );
984 				break;
985 			case 2:
986 				ldap_set_cache_options( ld,
987 					LDAP_CACHE_OPT_CACHEALLERRS );
988 				break;
989 			default:
990 				printf( "not a valid cache option\n" );
991 			}
992 #endif /* NO_CACHE */
993 			break;
994 
995 		case '?':	/* help */
996     printf( "Commands: [ad]d         [ab]andon         [b]ind\n" );
997     printf( "          [B]ind async  [c]ompare         [l]URL search\n" );
998     printf( "          [modi]fy      [modr]dn          [rem]ove\n" );
999     printf( "          [res]ult      [s]earch          [q]uit/unbind\n\n" );
1000     printf( "          [u]fn search  [ut]fn search with timeout\n" );
1001     printf( "          [d]ebug       [e]nable cache    set ms[g]id\n" );
1002     printf( "          d[n]suffix    [t]imeout         [v]ersion\n" );
1003     printf( "          [U]fn prefix  [x]uncache entry  [X]uncache request\n" );
1004     printf( "          [?]help       [o]ptions         [O]cache options\n" );
1005     printf( "          [E]xplode dn  [p]arse LDAP URL\n" );
1006 			break;
1007 
1008 		default:
1009 			printf( "Invalid command.  Type ? for help.\n" );
1010 			break;
1011 		}
1012 
1013 		(void) memset( line, '\0', sizeof(line) );
1014 	}
1015 
1016 	return( 0 );
1017 }
1018 
1019 static void
1020 handle_result( LDAP *ld, LDAPMessage *lm )
1021 {
1022 	switch ( lm->lm_msgtype ) {
1023 	case LDAP_RES_COMPARE:
1024 		printf( "Compare result\n" );
1025 		print_ldap_result( ld, lm, "compare" );
1026 		break;
1027 
1028 	case LDAP_RES_SEARCH_RESULT:
1029 		printf( "Search result\n" );
1030 		print_ldap_result( ld, lm, "search" );
1031 		break;
1032 
1033 	case LDAP_RES_SEARCH_REFERENCE:
1034 		printf( "Search reference\n" );
1035 		print_search_entry( ld, lm );
1036 		break;
1037 
1038 	case LDAP_RES_SEARCH_ENTRY:
1039 		printf( "Search entry\n" );
1040 		print_search_entry( ld, lm );
1041 		break;
1042 
1043 	case LDAP_RES_ADD:
1044 		printf( "Add result\n" );
1045 		print_ldap_result( ld, lm, "add" );
1046 		break;
1047 
1048 	case LDAP_RES_DELETE:
1049 		printf( "Delete result\n" );
1050 		print_ldap_result( ld, lm, "delete" );
1051 		break;
1052 
1053 	case LDAP_RES_MODIFY:
1054 		printf( "Modify result\n" );
1055 		print_ldap_result( ld, lm, "modify" );
1056 		break;
1057 
1058 	case LDAP_RES_MODRDN:
1059 		printf( "ModRDN result\n" );
1060 		print_ldap_result( ld, lm, "modrdn" );
1061 		break;
1062 
1063 	case LDAP_RES_BIND:
1064 		printf( "Bind result\n" );
1065 		print_ldap_result( ld, lm, "bind" );
1066 		break;
1067 
1068 	default:
1069 		printf( "Unknown result type 0x%x\n", lm->lm_msgtype );
1070 		print_ldap_result( ld, lm, "unknown" );
1071 	}
1072 }
1073 
1074 static void
1075 print_ldap_result( LDAP *ld, LDAPMessage *lm, char *s )
1076 {
1077 	int rc, i;
1078 	int errCode;
1079 	char *matched = NULL, *errMsg = NULL, **referrals = NULL;
1080 	LDAPControl **srvctrls = NULL;
1081 
1082 	if ((rc = ldap_parse_result(ld, lm, &errCode, &matched, &errMsg, &referrals, &srvctrls, 0)) != LDAP_SUCCESS){
1083 		fprintf(stderr, "%s: error while parsing result (%s)\n", s, ldap_err2string(rc));
1084 		return;
1085 	}
1086 
1087 
1088 	fprintf(stderr, "%s: %s\n", s, ldap_err2string(errCode));
1089 	if (errCode == LDAP_REFERRAL){
1090 		fprintf(stderr, "\tReferrals returned: \n");
1091 		for (i = 0; referrals[i] != NULL; i++)
1092 			fprintf(stderr, "\t\t%s\n", referrals[i]);
1093 	}
1094 	if (errMsg && *errMsg)
1095 		fprintf(stderr, "\tAdditional info: %s\n", errMsg);
1096 	free(errMsg);
1097 	if (NAME_ERROR(errCode) && matched && *matched){
1098 		fprintf(stderr, "\tMatched DN: %s\n", matched);
1099 		free(matched);
1100 	}
1101 	if (srvctrls != NULL){
1102 		fprintf(stderr, "\tLDAPControls returned: \n");
1103 		for (i=0;srvctrls[i] != NULL; i++)
1104 			fprintf(stderr, "\t\t%s (%s)\n", srvctrls[i]->ldctl_oid, srvctrls[i]->ldctl_iscritical ? "Critical" : "Not critical");
1105 	}
1106 	return;
1107 }
1108 
1109 static void
1110 print_search_entry( LDAP *ld, LDAPMessage *res )
1111 {
1112 	BerElement	*ber;
1113 	char		*a, *dn, *ufn;
1114 	struct berval	**vals;
1115 	int		i;
1116 	LDAPMessage	*e;
1117 
1118 	for ( e = ldap_first_message( ld, res ); e != NULLMSG;
1119 	    e = ldap_next_message( ld, e ) ) {
1120 		if ( e->lm_msgtype == LDAP_RES_SEARCH_RESULT )
1121 			break;
1122 
1123 		dn = ldap_get_dn( ld, e );
1124 		printf( "\tDN: %s\n", dn );
1125 
1126 		ufn = ldap_dn2ufn( dn );
1127 		printf( "\tUFN: %s\n", ufn );
1128 		free( dn );
1129 		free( ufn );
1130 
1131 		if ( e->lm_msgtype == LDAP_RES_SEARCH_REFERENCE ){
1132 			char **urls = ldap_get_reference_urls(ld, e);
1133 			if (urls == NULL){
1134 				printf("\t\tError with references: %s\n", ldap_err2string(ld->ld_errno));
1135 			} else {
1136 				for (i=0;urls[i] != NULL;i++)
1137 					printf("\t\tURL: %s\n", urls[i]);
1138 			}
1139 		} else {
1140 			for ( a = ldap_first_attribute( ld, e, &ber ); a != NULL;
1141 				  a = ldap_next_attribute( ld, e, ber ) ) {
1142 				printf( "\t\tATTR: %s\n", a );
1143 				if ( (vals = ldap_get_values_len( ld, e, a ))
1144 					 == NULL ) {
1145 					printf( "\t\t\t(no values)\n" );
1146 				} else {
1147 					for ( i = 0; vals[i] != NULL; i++ ) {
1148 						int	j, nonascii;
1149 
1150 						nonascii = 0;
1151 						for ( j = 0; j < vals[i]->bv_len; j++ )
1152 							if ( !isascii( vals[i]->bv_val[j] ) ) {
1153 							nonascii = 1;
1154 							break;
1155 							}
1156 
1157 						if ( nonascii ) {
1158 							printf( "\t\t\tlength (%ld) (not ascii)\n", vals[i]->bv_len );
1159 #ifdef BPRINT_NONASCII
1160 							lber_bprint( vals[i]->bv_val,
1161 										 vals[i]->bv_len );
1162 #endif /* BPRINT_NONASCII */
1163 							continue;
1164 						}
1165 						printf( "\t\t\tlength (%ld) %s\n",
1166 								vals[i]->bv_len, vals[i]->bv_val );
1167 					}
1168 					ber_bvecfree( vals );
1169 				}
1170 			}
1171 		}
1172 	}
1173 
1174 	if ( res->lm_msgtype == LDAP_RES_SEARCH_RESULT
1175 	    || res->lm_chain != NULLMSG )
1176 		print_ldap_result( ld, res, "search" );
1177 }
1178